[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Becoming a package maintainer

>>>>> On Mon, 16 Feb 1998, "AP" == Avery Pennarun wrote:

  AP> While we're here, I know we don't want to make it any _more_ difficult
  AP> to become a new maintainer, but step 2 as stated doesn't provide any
  AP> additional security at all.  For example, someone at Debian (or someone
  AP> who intercepts my message along the way, steals it from my computer,
  AP> etc.) could grab the image, use GIMP to write their own PGP fingerprint
  AP> on it, re-sign the message, and send it out again.

  AP> I think the intent of the rule is to require a _handwritten_ PGP
  AP> fingerprint on the actual image, before it is scanned.  With modern tools
  AP> like GIMP, of course, even that's pretty hazy security...

We dropped the requirement for the reasons you gave above.
Proudly running Debian Linux! Linux vs. Windows is a no-Win situation....
Igor Grobman           igor@debian.org                 igor@digicron.com 

TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to: